Changeset 3780
- Timestamp:
- 05/18/2006 01:02:25 AM (18 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/2.0/wp-includes/pluggable-functions.php
r3771 r3780 233 233 $adminurl = strtolower(get_settings('siteurl')).'/wp-admin'; 234 234 $referer = strtolower($_SERVER['HTTP_REFERER']); 235 if ( !wp_verify_nonce($_REQUEST['_wpnonce'], $action) ) { 235 if ( !wp_verify_nonce($_REQUEST['_wpnonce'], $action) && 236 !(-1 == $action && strstr($referer, $adminurl)) ) { 237 236 238 $html = "<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'>\n<html xmlns='http://www.w3.org/1999/xhtml' lang='en' xml:lang='en'>\n\n"; 237 239 $html .= "<head>\n\t<title>" . __('WordPress Confirmation') . "</title>\n";
Note: See TracChangeset
for help on using the changeset viewer.